From the no-need-to-hack-when-it’s-leaking dept., state edition, the North Carolina Department of Information Technology and Office of State Human Resources are notifying 84,860 current or former state agency employees that a file with their name and SSN was uploaded by mistake to a state intranet site accessed by more than 65,000 authenticated users: We are writing…
Category: Exposure
Brooklyn Tech students uncovered a NYC schools data breach.
Pooja Salhotra reports: Teachers’ social security numbers, student academic records, and families’ home addresses are among the dozens of pieces of information a group of tech savvy high school students stumbled across on Google Drive this year. The documents — many of which contained confidential information — were leaked because of a quirk in the…
Reindeer Leak Personal Data of 3,00,000 Users In A Breach
When the data are old and the company is defunct, it’s a headache making notification and getting a leaky Amazon AWS S3 bucket secured. eHackingNews reports: WizCase’s cybersecurity group discovered a prominent breach impacting Reindeer, an American marketing company that previously worked with Tiffany & Co., Patròn Tequila, and other companies. Led by Ata Hakçil,…
Ie: Patient medical records found in a pub and carpark
Irish Examiner reports: Patients’ medical records from Letterkenny University Hospital (LUH) were found in a pub and in a carpark by members of the public in two separate incidents that occurred in the same five-week period, it has emerged. Read more on Irish Examiner. The story contains reports on other HSE breaches.
NZ: Work and Income privacy breach due to email mistake
Daniel Smith reports: Private email addresses of 103 beneficiaries have been made public due to a mistake by a Work and Income caseworker. They were carbon copied (CC) into an email promoting free fruit and nuts from the Christchurch City Council, rather than blind carbon copied (BCC), which would have concealed them from each other. Read more…
UK: Activist raided by police after downloading London property firm’s ‘confidential’ meeting minutes from Google Search
Gareth Corfield reports: A man who viewed documents online for a controversial London property development and shared them on social media was raided by police after developers claimed there had been a break-in to their systems. The raid by four Metropolitan Police constables took place after Southwark campaigner Robert Hutchinson was reportedly accused of illegally…